Vulnerabilities > Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-02 | CVE-2018-11147 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46). | 8.8 |
| 2018-06-02 | CVE-2018-11146 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 4 of 46). | 8.8 |
| 2018-06-02 | CVE-2018-11145 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 3 of 46). | 8.8 |
| 2018-06-02 | CVE-2018-11144 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46). | 8.8 |
| 2018-06-02 | CVE-2018-11143 | OS Command Injection vulnerability in Quest Disk Backup Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of 46). | 9.8 |
| 2018-06-01 | CVE-2018-3757 | OS Command Injection vulnerability in Pdf-Image Project Pdf-Image 2.0.0 Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter. | 9.8 |
| 2018-06-01 | CVE-2018-3746 | OS Command Injection vulnerability in Pdfinfojs Project Pdfinfojs The pdfinfojs NPM module versions <= 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine. | 9.8 |
| 2018-05-31 | CVE-2018-11139 | OS Command Injection vulnerability in Quest Kace System Management Appliance 8.0.318 The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. | 8.8 |
| 2018-05-31 | CVE-2018-11138 | OS Command Injection vulnerability in Quest Kace System Management Appliance 8.0.318 The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. | 9.8 |
| 2018-05-31 | CVE-2018-11132 | OS Command Injection vulnerability in Quest Kace System Management Appliance 8.0.318 In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows a set of commands to be executed. | 8.8 |